Commit Graph

451 Commits

Author SHA1 Message Date
Miroslav Stampar
c9f0c75030 removed --space (usage of tampering modules is now a prefered way to do it) 2010-10-15 12:52:33 +00:00
Miroslav Stampar
d0514d18ec removed that spaces from URI payloads 2010-10-15 12:49:03 +00:00
Miroslav Stampar
2fa8836c01 bug fix 2010-10-15 11:14:59 +00:00
Miroslav Stampar
d50684a057 added one more check 2010-10-15 11:05:50 +00:00
Miroslav Stampar
2b476e078c minor cosmetics 2010-10-15 10:36:29 +00:00
Bernardo Damele
a80f6110cd don't call variables 'file', it's a reserved word :) 2010-10-15 10:29:24 +00:00
Bernardo Damele
9fcab68700 Minor adjustments 2010-10-15 10:28:06 +00:00
Miroslav Stampar
207bef7f19 fix for that SQLite3 vs SQLite2 issue 2010-10-15 09:39:41 +00:00
Miroslav Stampar
d0df8cdac9 fix for that duplicates 2010-10-15 00:34:16 +00:00
Miroslav Stampar
4f7f20b94f sorry, cosmetics 2010-10-14 23:18:29 +00:00
Miroslav Stampar
8b48833136 large commit with copyright header modifications 2010-10-14 14:41:14 +00:00
Miroslav Stampar
f07608ef4d show static words in a sorted manner 2010-10-14 12:38:06 +00:00
Miroslav Stampar
162d01abed commit of all sorts (bug fix for heuristics and URI injections, fine tunning of tampering modules with SQL keywords,...) 2010-10-14 11:06:28 +00:00
Miroslav Stampar
7e1f784eaa cosmetic update 2010-10-14 06:00:10 +00:00
Miroslav Stampar
34580f56fc added --tamper option 2010-10-12 22:45:25 +00:00
Miroslav Stampar
9a08f7feb8 minor update 2010-10-12 20:01:59 +00:00
Miroslav Stampar
d2ec132469 added --text-only switch 2010-10-12 19:41:29 +00:00
Miroslav Stampar
f9f79ffbaf basic stuff for sybase 2010-10-12 19:05:12 +00:00
Miroslav Stampar
9ffa928783 added some user interaction when page is dynamic 2010-10-12 15:49:04 +00:00
Miroslav Stampar
73b77255e3 minor cosmetic update 2010-10-12 12:32:02 +00:00
Miroslav Stampar
6dcd05c39c minor update 2010-10-11 14:38:04 +00:00
Miroslav Stampar
43892cddbb some updates 2010-10-11 12:26:35 +00:00
Miroslav Stampar
2198a60684 bug fix (reported by james@ev6.net) 2010-10-10 20:51:11 +00:00
Miroslav Stampar
7a5bb2b0d6 update 2010-10-10 19:50:10 +00:00
Miroslav Stampar
8fcad29bbf new feature --forms (still unfinished) 2010-10-10 18:56:43 +00:00
Miroslav Stampar
18d27cabc5 more changes 2010-10-07 15:34:17 +00:00
Miroslav Stampar
440ff639bb more refactoring 2010-10-07 14:05:34 +00:00
Miroslav Stampar
1e9ae40397 major refactoring 2010-10-07 12:12:26 +00:00
Miroslav Stampar
1bf8939e2f further updates 2010-10-06 22:43:04 +00:00
Miroslav Stampar
de6fa1247b moved injections to xml format 2010-10-06 22:29:52 +00:00
Miroslav Stampar
adf2231edb minor update 2010-10-06 13:38:03 +00:00
Miroslav Stampar
56dbf0038f minor update (for future implementation of more advanced error page logic) 2010-10-06 12:10:00 +00:00
Miroslav Stampar
0ad8090ad8 fix for a google bug reported by Brandon E. 2010-10-01 08:03:39 +00:00
Miroslav Stampar
8abcdae1b5 some update 2010-09-30 19:45:23 +00:00
Miroslav Stampar
cf8e92699c changes regarding EXISTS feature 2010-09-30 12:35:45 +00:00
Miroslav Stampar
3cd15960a0 more updates 2010-09-27 13:26:46 +00:00
Miroslav Stampar
3b9fe3e1c8 everything is ready for testing (smoke and live) 2010-09-27 11:20:48 +00:00
Miroslav Stampar
dc11ae0d65 update 2010-09-26 14:56:55 +00:00
Miroslav Stampar
35f35605df changes regarding Feature #160 2010-09-26 14:02:13 +00:00
Miroslav Stampar
99d9f9e624 update for smoke testing 2010-09-26 10:47:04 +00:00
Miroslav Stampar
2e5f269650 update regarding --space option 2010-09-24 22:35:32 +00:00
Miroslav Stampar
9cd5d3bde7 added new option --space 2010-09-24 21:59:03 +00:00
Miroslav Stampar
327bfcbe97 update regarding Feature #61 2010-09-24 14:34:05 +00:00
Miroslav Stampar
b6ff03690f update regarding Feature #61 2010-09-24 13:34:46 +00:00
Miroslav Stampar
48e0261e68 update for Feature #61 2010-09-24 13:19:35 +00:00
Miroslav Stampar
ff419f7384 more changes regarding path (URI) injection 2010-09-24 09:19:14 +00:00
Miroslav Stampar
e4925eb3dd update 2010-09-23 21:57:11 +00:00
Miroslav Stampar
13bb3a6212 minor update 2010-09-23 14:07:23 +00:00
Miroslav Stampar
927ad7bf13 update 2010-09-22 12:21:21 +00:00
Miroslav Stampar
da8ae5578b first commit regarding Feature #144 2010-09-22 11:56:35 +00:00
Miroslav Stampar
540a9b391f stripped some trailing spaces 2010-09-16 13:19:13 +00:00
Miroslav Stampar
b745331974 added null connection check 2010-09-16 08:43:10 +00:00
Miroslav Stampar
76233ff5a3 added skeleton for live testing 2010-09-15 13:55:28 +00:00
Miroslav Stampar
53800ef65f more refactoring 2010-09-15 13:32:42 +00:00
Miroslav Stampar
abc12bc361 more refactoring 2010-09-15 13:28:56 +00:00
Miroslav Stampar
682872689a some more refactoring 2010-09-15 12:59:51 +00:00
Miroslav Stampar
91a0b5df3c minor update 2010-09-15 12:52:28 +00:00
Miroslav Stampar
b699f98cbb minor refactoring 2010-09-15 12:51:02 +00:00
Miroslav Stampar
798ab4989b fix for a Bug #200 2010-09-14 10:35:01 +00:00
Miroslav Stampar
77a53228c5 changes regarding dynamic content recognition 2010-09-13 21:01:46 +00:00
Miroslav Stampar
19fb2e3dcf fix for Bug #165 2010-09-13 13:31:01 +00:00
Miroslav Stampar
61120b0bac minor comment added 2010-09-09 14:08:53 +00:00
Miroslav Stampar
1b3d287a09 fix for a bug reported by shaohua pan (and one other bug) 2010-09-07 10:21:42 +00:00
Miroslav Stampar
e810fe7b0b no need for obsolete (and hard to find) sqlite module when sqlite3 handles both database versions 2010-08-31 13:37:53 +00:00
Miroslav Stampar
f5953bacc0 fix for direct connection parsing (now on windows machines python sqlmap.py -d access://C:\testdb.mdb is valid, while before it wasn't) 2010-08-30 16:35:28 +00:00
Miroslav Stampar
48cc87f6a9 added support for fingerprinting SAP MaxDB (Issue 143) 2010-08-30 13:29:19 +00:00
Miroslav Stampar
2cd8f31003 some doc test samples included 2010-08-20 21:27:47 +00:00
Miroslav Stampar
4edf6ebe00 update for smoke tests 2010-08-20 21:01:51 +00:00
Miroslav Stampar
8aa12db425 added option --proxy-cred for setting proxy credentials (Feature #195) 2010-08-18 22:45:00 +00:00
Miroslav Stampar
70197affa0 little update (--ratio has a bigger priority then resumed value) 2010-08-10 19:57:59 +00:00
Miroslav Stampar
057ec8a6b2 added --ratio option for direct manipulation of conf.matchRatio parameter 2010-08-10 19:53:29 +00:00
Miroslav Stampar
02523dbfb5 fix of fix 2010-08-09 22:13:56 +00:00
Miroslav Stampar
6eab7997d1 fix for bug reported by dragoun dash (TypeError: sequence item 0: expected string, NoneType found) 2010-08-08 22:25:33 +00:00
Miroslav Stampar
e0fe5d1504 bug fix for error reported by Marek Sarvas (error data) 2010-08-08 21:48:22 +00:00
Miroslav Stampar
0cab4a5355 fix for bug reported by m4l1c3 (UnicodeEncodeError) 2010-08-08 21:22:37 +00:00
Miroslav Stampar
7dcc2031ac smoke test adjustments 2010-07-30 12:57:58 +00:00
Miroslav Stampar
092829c189 implemented basic smoke testing mechanism 2010-07-30 12:49:25 +00:00
Miroslav Stampar
28d9115373 fix for Feature #187 (Skip duplicates parameters in -g) 2010-07-29 20:01:04 +00:00
Bernardo Damele
49af0c43a5 Forgot 2010-07-01 15:26:18 +00:00
Miroslav Stampar
9d28ae23ca fixup for situations with unexpected LENGTHs in multithreaded mode (e.g. UTF8 data retrieval) 2010-07-01 14:11:45 +00:00
Bernardo Damele
24428c1a1b Added warning message if both --proxy and --keep-alive are provided 2010-06-30 11:41:42 +00:00
Bernardo Damele
d40a238335 Make --keep-alive public 2010-06-30 11:29:35 +00:00
Bernardo Damele
8625763c07 Minor code refactoring 2010-06-30 11:22:25 +00:00
Bernardo Damele
c33f3ef844 Minor adjustment to HTTP headers handling 2010-06-29 23:51:44 +00:00
Bernardo Damele
fb9f669544 More verbose comments 2010-06-29 21:10:33 +00:00
Bernardo Damele
8576817a2b Added support for SOAP requests: fixed, extended and tested a user's patch - closes #196. 2010-06-29 21:07:23 +00:00
Bernardo Damele
ea45d75f2d Major bug fix to parse and store all HTTP headers from the request file (-r) 2010-06-29 21:06:03 +00:00
Bernardo Damele
7cad3cbda6 Minor code refactoring 2010-06-28 13:47:20 +00:00
Miroslav Stampar
ccfc9b0fec fix for that bug linux man reported (UnicodeEncodeError inside raw_input) 2010-06-23 07:30:15 +00:00
Bernardo Damele
17e228024b Minor enhancements and bug fixes to "good samaritan" feature - see #4 2010-06-21 14:40:12 +00:00
Bernardo Damele
fd76f048b6 Added common pattern value support to bisection algorithm 2010-06-17 11:38:32 +00:00
Bernardo Damele
9bce22683b Minor bug fix and adjustment to deal with Keep-Alive also against Google (-g) 2010-06-11 10:08:19 +00:00
Bernardo Damele
c23ea4c749 --keep-alive is not compatible with --proxy 2010-06-10 21:19:45 +00:00
Bernardo Damele
75dc44deb8 Minor adjustments 2010-06-10 15:34:28 +00:00
Bernardo Damele
d3c8e461cf Minor layout adjustments 2010-06-10 14:14:56 +00:00
Miroslav Stampar
ac55e1b75f fix for localhost firebird direct db access 2010-06-10 12:02:48 +00:00
Miroslav Stampar
c398353e06 support for loading 'faulty character set' session files 2010-06-09 16:07:47 +00:00
Miroslav Stampar
38e5e342f8 added prettyprint module with fixed toprettyxml() method 2010-06-07 09:03:03 +00:00
Miroslav Stampar
9e76b847b3 fix regarding bug discovered by Andreas Constantinides 2010-06-04 17:07:17 +00:00
Miroslav Stampar
464f171a8c added reusage of xml output and removed toprettyxml which has lots and lots of problems (output once stored is not usable any more from any xml parser/reader because it adds whitespaces all over the output just to be more 'human' readable) 2010-06-03 07:36:30 +00:00